1
22
23 package com.liferay.portal.security.auth;
24
25 import com.liferay.portal.kernel.log.Log;
26 import com.liferay.portal.kernel.log.LogFactoryUtil;
27 import com.liferay.portal.kernel.util.ParamUtil;
28 import com.liferay.portal.kernel.util.StringPool;
29 import com.liferay.portal.kernel.util.Validator;
30 import com.liferay.portal.model.User;
31 import com.liferay.portal.security.ldap.PortalLDAPUtil;
32 import com.liferay.portal.util.PortalUtil;
33 import com.liferay.portal.util.WebKeys;
34
35 import javax.naming.directory.SearchResult;
36 import javax.naming.ldap.LdapContext;
37
38 import javax.servlet.http.HttpServletRequest;
39 import javax.servlet.http.HttpServletResponse;
40
41
46 public class NtlmAutoLogin implements AutoLogin {
47
48 public String[] login(
49 HttpServletRequest request, HttpServletResponse response) {
50
51 String[] credentials = null;
52
53 try {
54 long companyId = PortalUtil.getCompanyId(request);
55
56 if (!PortalLDAPUtil.isNtlmEnabled(companyId)) {
57 return credentials;
58 }
59
60 String screenName = (String)request.getAttribute(
61 WebKeys.NTLM_REMOTE_USER);
62
63 if (screenName == null) {
64 return credentials;
65 }
66
67 request.removeAttribute(WebKeys.NTLM_REMOTE_USER);
68
69 User user = getUser(companyId, screenName);
70
71 if (user != null) {
72 String redirect = ParamUtil.getString(request, "redirect");
73
74 if (Validator.isNotNull(redirect)) {
75 request.setAttribute(
76 AutoLogin.AUTO_LOGIN_REDIRECT_AND_CONTINUE, redirect);
77 }
78
79 credentials = new String[3];
80
81 credentials[0] = String.valueOf(user.getUserId());
82 credentials[1] = user.getPassword();
83 credentials[2] = Boolean.TRUE.toString();
84 }
85 }
86 catch (Exception e) {
87 _log.error(e, e);
88 }
89
90 return credentials;
91 }
92
93 protected User getUser(long companyId, String screenName) throws Exception {
94 SearchResult result = (SearchResult)PortalLDAPUtil.getUser(
95 companyId, screenName);
96
97 if (result == null) {
98 if (_log.isWarnEnabled()) {
99 _log.warn(
100 "No user was found in LDAP with screenName " + screenName);
101 }
102
103 return null;
104 }
105
106 LdapContext ctx = PortalLDAPUtil.getContext(companyId);
107
108 User user = PortalLDAPUtil.importLDAPUser(
109 companyId, ctx, result.getAttributes(), StringPool.BLANK, false);
110
111 ctx.close();
112
113 return user;
114 }
115
116 private static Log _log = LogFactoryUtil.getLog(NtlmAutoLogin.class);
117
118 }